🎂 Make a wish and blow out the candles…we’re celebrating Kong’s sixth anniversary! 👏👏👏 In 2015, Mashape open sourced Kong Gateway, launching the next generation of API management. In our last anniversary post, I took a look back at our history. For this 6th anniversary post, I’ll focus on how this year went and look forward to what’s coming up next.

President Joe Biden issued an “Executive Order on Improving the Nation’s Cybersecurity” as of May 12, 2021. The order includes numerous actions and mandates to confront the dangers of cyber attacks that are increasing in frequency and sophistication. Cybersecurity has real and significant implications, both in economical and national security terms. At the time of this writing, the Colonial Pipeline cyber attack caused quite a stir on the USA’s east coast.

If you’ve not heard of decK (our declarative configuration and drift detection tool for Kong Gateway) before, now’s a great time to get hands-on with it as we’ve just shipped decK v1.7.0 with a whole host of new goodies. Oh, and it’s all open source as usual.

In our second Kong and Okta tutorial, we’ll go through the authorization code flow applied to user authentication processes. This series will show you how to implement service authentication and authorization for Kong Konnect and Okta using the OpenID Connect (OIDC) plugin.

We recently sat down to discuss the language for the next Kong Gateway Plugin Development Kit (PDK). Given the number of JavaScript developers in the world and the variety of libraries and debugging tools available, there was only one logical choice. I’m excited to share that with the Kong Gateway (OSS) 2.4 release, that functionality is now available to you all!

This tutorial will walk through a common use case for the Kong Gateway Key Authentication plugin: using API key authentication to protect a route to an API server endpoint. It’s a simple use case, but it will give you the foundation to deploy and configure the plugin for your own unique project needs. Before we walk through our mini-project, let’s cover a few core concepts.

One of the most powerful capabilities provided by Kong Konnect Enterprise is the support for Hybrid deployments. In other words, it implements distributed API Gateway Clusters with multiple instances running on several environments at the same time. Moreover, Kong Enterprise provides a new topology option, named Hybrid Mode, with a total separation of the Control Plane (CP) and Data Plane (DP).

We looked at service design considerations in the first part of this blog series. In this next part, I’d like to share some best practices for API versioning – a topic that comes up quite often with every customer as it is one of the key concerns when implementing API gateways. There are two ways to version RESTful APIs: URI and header-based, as summarized in this REST API tutorial.

Containerization and orchestration are becoming increasingly popular. According to a recent survey conducted by Market Watch, the global container market will exceed $5 billion by 2026. In 2019, that number was under 1 billion. These statistics show that the world is moving more towards containers and orchestration faster and faster each day. One example of this is moving from VM to Kubernetes.

The Kong Gateway Rate Limiting plugin is one of our most popular traffic control add-ons. You can configure the plugin with a policy for what constitutes “similar requests” (requests coming from the same IP address, for example), and you can set your limits (limit to 10 requests per minute, for example). This tutorial will walk through how simple it is to enable rate limiting in your Kong Gateway.

Note to readers before we get started: you’ll see us referring to the “Kong Gateway” in this post. This is the product previously referred to as Kong Gateway Enterprise. In version 2.3, we released a free operating mode of Kong Gateway Enterprise, and given it no longer needs a paid “Enterprise” license, we now refer to this gateway as the Kong Gateway and disambiguate from the OSS-only Gateway as Kong Gateway (OSS).

In this Kong Konnect tutorial, you’ll learn how to leverage the platform to manage your API ecosystem from a single easy-to-use interface.

Using Kong’s OpenID Connect (OIDC) plugin, Kong and Okta work together to solve three significant application development challenges: The OIDC plugin enables Kong, as the API gateway, to communicate with Okta via the OAuth/OIDC flows. That way, your app teams don’t have to configure and diagnose authentication and authorization for each service individually. With these challenges solved, app teams have more time to build and innovate.

Software teams have found themselves in the center of the business’ strategy. Their strategic decisions on technologies to invest in has resulted in greater agility and the ability to build products that differentiate their companies in the market. As a result, optimizing the ability for software teams to deliver by investing in stronger tooling has become a core priority.

Today, we are thrilled to announce that we have expanded open access to Kong Konnect, the world’s only cloud native, full lifecycle service connectivity platform, for everybody anywhere in the world, thanks to a new plan called Konnect Plus! Available today with a free 30-day trial.

As organizations adopt a microservices architecture, API gateway usage has increased. Kong Gateway is one of the promising API gateways in the market. It has both OSS and enterprise support, releases multiple features and is easy to use. Kong Admin API helps administrators configure the system easily, but it’s still error-prone. That’s because the user has to hit many curl calls for creating all the configs. When numerous folks are managing the system, this becomes difficult.